Thursday, 13 July 2017

LeakerLocker: A New Rasomware That Demand $50 In Oder Not To Expose You

A ransomware known as LeakerLocker which is an Android malware that threatening to send all your private information, web history, data, emails to all your contact in demand of $50 from you if you do not pay have been spotted on the world most secure android app store "Google Play Store.

On like the ransomware we have encountered in the past, this one works in a different way. It will not encrypt a victim's files but rather makes a backup of the victim's data that is been stored on the device.

This backup made will be used in treating the victim to pay a sum of $50 or the data, web history, emails, location, picture taking will be sent/leak to all his/her contacts. The LeakLocker was foud in two apps on the Google Play Store. They apps WallPaper Blur HD, which have up to 10,000 downloads by Android user, and Booster & Cleaner Pro, which have up to 5,000 downloads by Android users. To accurately calculate these, the malware already has 15,000 victims.

The funny part is that the app has been on Google Play Store since April this you, the app even had good reviews on Google Play Store. Meanwhile, the developer of the malware manipulates fake reviews of the apps to deceive people who want to download the app.

How LeakerLocker Works On Your Device
After downloading any of those apps, LeakerLocker will ask for a large number of permissions, including the ability to manage calls, read and send text messages, and access contacts. After you grant it access, the malware communicates with a receiver, thus initiating the malicious activity and locking your device home screen with an extortion threat.

The analysis of the malware code shows that it is capable of accessing an email address, some contact information, chrome browser history, text messages and calls and photos from the selfies and pictures you take through your camera.

How LeakerLocker Take Payments
The malware demands the ransom through a credit card. But researchers have advised victim not to pay any money demanded because there is no assurance that the information will be released or will not be used to get at them again.

Adding to it, McAfee researchers have reported LeakerLocker to Google, which says it's "investigating" -- and it appears that the two apps including the malware have been removed from the Google Play store.